As you might imagine, I get questions like this all the time. As a result, I do have recommendations for security software and techniques to stay safe in various articles all over Ask Leo!.
To make your life a little easier, here’s a short version that sums it all up.
The short-short version
Most home and small business users who don’t want to think about it too much should simply:
- Get a router even if you have only one computer; it will be your firewall.
- Install the free Microsoft Security Essentials as your anti-virus, anti-spyware and malware scanner.
- Turn on Windows Automatic Update.
- Turn on the Windows Firewall when you travel.
Good basic protection in four steps with only one download.
Basic security software: Microsoft Security Essentials
In the past, I’ve strongly recommended against all-in-one solutions.
By all-in-one, I mean any single program, package, or “security suite” that claims to do everything: firewall, anti-spyware, anti-virus, and often much more all in a single package. What I hear from readers is that these types of suites often have problems or actually cause more problems than other alternatives.
That strong recommendation against continues – I’ve not changed my mind.
With one exception: Microsoft Security Essentials (MSE).
In a sense, it’s not really an all-in-one solution like the others. It has both anti-virus and anti-spyware, but that’s it. It’s not trying to shovel in all sorts of other features that you don’t need and that often only serve to destabilize your computer. MSE isn’t trying to compete against other products with long feature lists – and as a result, it wins.
Not long ago, MSE came under fire by rating lower than some other security packages in a test published online. That happens almost every anti-malware package. It’s actually difficult to find consistent test results that point to any single, clear winner. In the case of this most recent test, I believe that the user actually had to explicitly ignore warnings presented by MSE and explicitly allow malicious software to be run.
My recommendation stands. MSE remains a solid and free anti-virus and anti-spyware package with minimal system impact that should be appropriate for almost anyone.
Other good alternatives
On the other hand, Microsoft Security Essentials might not be the right solution for everyone. No single product is.
Even with a good, solid foundation like MSE, you may also find yourself needing additional tools at times. The unfortunate but very practical reality is that no single tool or combination of tools can find all malware all the time. As a result, you may sometimes need to bring in alternatives to help out.
I throw Malwarebytes Anti-malware into a classification by itself. It’s not really an anti-virus tool per se. In their forums, you’ll often see the support staff recommending anti-virus tools to install alongside Malwarebytes. But I can’t really call it an anti-spyware tool either.
What’s important is that it continues to have a very good track record of removing troublesome malware that other packages sometimes miss.
Malwarebytes’ Anti-Malware comes in two versions: free and pay. The free version is a fully functional, stand-alone manual scanner. I often recommend it as an additional tool when removing malware or when malware is suspect. The paid version adds real-time scanning and scheduled scanning and updates.
I have two concerns with both:
- They both try really, really hard to up-sell you to the paid versions. Be persistent, be careful, and make sure you get the free version – it’s only the free version that I’m recommending here.
- They often include additional features, like link scanners, toolbars, search engine overrides, and more that are either unrelated to their function, or in my opinion simply not needed. Be careful to select only the features and functionality that you need.
Spybot Search and Destroy is one of the longest running and highly regarded anti-spyware tools out there. I used it for many years, and wouldn’t hesitate to install and use it again.
Also one of the “old guard” is Lavasoft’s Ad-Aware. It’s had some issues in years past, but as I understand it, it’s a solid alternative once again. My only concern with Ad-Aware is that being a free version based on a commercial product, it does seem to be starting down the road of perhaps trying to do too much.
For home and business use, I recommend the use of any good NAT router as a firewall. They don’t have to be expensive and are one of the simplest approaches to keeping your computer safe from network-based threats. If all the computers on the local network side of the router can be trusted, then there’s no need for an additional software firewall.
When traveling, I recommend simply turning on the built-in Windows Firewall. There’s often no harm in leaving it on at home, but it can occasionally get in the way of some local machine-to-machine activities like sharing files and folders.
I understand that some people feel strongly that an additional software firewall is still called for in certain circumstances. In my opinion, those circumstances are infrequent. I do not have a specific product to recommend, as all of the current software firewalls seem to cause issues, often serious, from time to time.
If your machine becomes infected with malware of some sort there’s a good chance that you’ll not be able to actually download anything. That means you won’t be able to download the latest updated for your anti-malware tools, or perhaps be able to run them at all. When that happens it calls for an 0ff-line malware scanner.
An offline scanner is simply a complete anti-virus and anti-spyware scanning tool that you download and burn to CD or DVD on another computer.
You then boot the infected machine from the media you burned and run the scanner. That way, the infected Windows doesn’t run and the scanner can check, change, or repair more than the a normal scanner could.
I recommend Windows Defender Offline for this purpose. Unfortunately, it’s not something you download and keep ready to use. In order to make sure you’re running the most recent update of the tool and its database of malware, it’s important to download it when you need it.
I strongly recommend you back up, regularly. In fact, I can’t stress this enough. 99% of the disasters I hear about could be completely avoided simply by having up-to-date backups. Macrium Reflect is the backup software I currently use and recommend.
Keep your computer up-to-date. That means turning on Windows Update or making sure to visit the Windows Update website religiously. The vast majority of computer infections we hear about are due to the operating system simply not being kept up-to-date with the latest available patches.
And finally, Internet Safety: 8 Steps to Keeping Your Computer Safe on the Internet has even more tips for keeping your computer safe.